Gets an auth token for a repo via a GitHub app installation

Перейти к файлу

dependabot[bot] 9129ba2b96 build(deps): bump continuousauth/action from 1.0.4 to 1.0.5 (#35 ) Bumps [continuousauth/action](https://github.com/continuousauth/action) from 1.0.4 to 1.0.5. - [Release notes](https://github.com/continuousauth/action/releases) - [Changelog](https://github.com/continuousauth/action/blob/main/.releaserc.json) - [Commits](`732eeb237a...4e8a2573ee`) --- updated-dependencies: - dependency-name: continuousauth/action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>		2024-11-14 14:09:48 -08:00
.github	build(deps): bump continuousauth/action from 1.0.4 to 1.0.5 (#35 )	2024-11-14 14:09:48 -08:00
src	fix: pass baseUrl to octokit (#12 )	2023-07-11 14:41:13 -07:00
.gitattributes	ci: switch to GHA (#33 )	2024-11-12 11:38:01 +01:00
.gitignore	Initial Commit	2022-05-05 15:28:56 -07:00
.prettierrc.json	Initial Commit	2022-05-05 15:28:56 -07:00
.releaserc.json	Initial Commit	2022-05-05 15:28:56 -07:00
LICENSE	docs: add README and LICENSE	2022-05-06 01:58:30 -07:00
README.md	ci: switch to GHA (#33 )	2024-11-12 11:38:01 +01:00
package.json	ci: switch to GHA (#33 )	2024-11-12 11:38:01 +01:00
tsconfig.json	Initial Commit	2022-05-05 15:28:56 -07:00
yarn.lock	build: update dev dependencies (#32 )	2024-11-06 15:02:05 -05:00

README.md

@electron/github-app-auth

Gets an auth token for a repo via a GitHub app installation

Usage

Generating Credentials

In order to simply credential management @electron/github-app-auth contains a CLI tool to generate a "credential bundle" that contains the requisite information to generate tokens. You need both a private key for your application and the application ID.

You can find your app's ID on the settings page for your GitHub App.
To download your app's private key, see Managing private keys for GitHub Apps.

npx @electron/github-app-auth --cert=my-private.key.pem --app-id=12345

This command will output a base64 encoded blob which you should store in your services secret storage (normally accessed via an environment variable). Below we will use MY_GITHUB_APP_CREDS as the environment variable.

With `@octokit/rest`

import { appCredentialsFromString, getAuthOptionsForRepo } from '@electron/github-app-auth';
import { Octokit } from '@octokit/rest';

const creds = appCredentialsFromString(process.env.MY_GITHUB_APP_CREDS);
const authOpts = await getAuthOptionsForRepo({
  owner: 'electron',
  name: 'electron'
}, creds)
const octo = new Octokit({
  ...authOpts,
});

// octo is now a valid octokit instance

With raw tokens

import { appCredentialsFromString, getTokenForRepo } from '@electron/github-app-auth';
import { Octokit } from '@octokit/rest';

const creds = appCredentialsFromString(process.env.MY_GITHUB_APP_CREDS);
const token = await getTokenForRepo({
  owner: 'electron',
  name: 'electron'
}, creds)

// token is now a valid github auth token

With raw tokens on the CLI

gh_token=$(npx @electron/github-app-auth --creds=$MY_GITHUB_APP_CREDS --owner=electron --repo=electron)